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DETAILED ACTION 

Claims 1 - 75 have been presented for examination. Claims 8, 9, 30, 31 , 33 - 
36, 42, 43, 66, 67 and 71 - 75 have been cancelled and claims 1,15, 20, 25, 32, 37, 44, 
61 and 68 have been amended in an amendment filed 1/30/2006. 

Examiner's Amendment 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Dave A. Morasch (Reg. No. 42,905) on 2/27/2006. 

This application has been amended as follows: 
IN THE CLAIMS 

Cancel claims 1 - 7, 10 - 24, 46, 47, 53, 54 and 56 without prejudice. 
Replace claims 37, 45, 58 and 61 as follows. 
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Claim 37: One or more computer readable media containing a security 
application, comprising: 

a security component that is registerable with an Internet server during run-time, 
the security component having: 

a validation component to determine whether a request for a resource poses a 
security risk by determining if a total number of characters defining all of the arguments 
of the request exceeds a maximum number of characters; and 

an integrity verification component to determine whether the resource poses a 
security risk, the integrity verification component further configured to: 

formulate a descriptor corresponding to the resource when the security 

application receives the request; 

compare the formulated descriptor with a cached descriptor, the cached 

descriptor corresponding to the resource and formulated when the resource is 

initially requested; 

if the formulated descriptor and the cached descriptor are not equivalent, 
formulate a second descriptor corresponding to an original resource remotely 
located, the resource being replicated from the original resource; 

compare the formulated descriptor with the second descriptor; and 
determine that the resource is not a security risk if the formulated 
descriptor and the second descriptor are equivalent. 
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Claim 45: A method, comprising: 

registering a security component with an Internet server during run-time: 
receiving a request for a replica resource stored on a computing device, the 

request designating a resource locator having a resource path identifying a location of 

the replica resource , the reguest further designating the resource locator having a 

plurality of arguments : 

implementing security policies to prevent unauthorized access to the replica 

resource: 

determining whether the reguest will pose a security risk if allowing the reguest, 
and allowing the reguest if said determining that the replica resource does not pose a 
security risk to the computing device: 

redirecting the reguest to indicate that the replica resource is not available if 
determining that the reguest poses a security risk to the computing device: 

determining that the reguest does not pose a security risk if individual arguments 
do not exceed a maximum number of characters, and if a total number of characters 
defining all of the arguments do not exceed a maximum number of characters: 

formulating a descriptor corresponding to the replica resource; 

comparing the formulated descriptor with a cached descriptor corresponding to 
an original resource stored on a second computing device remotely located from the 
computing device, the replica resource being replicated from the original resource; 

determining that the replica resource does not pose a security risk if the 
formulated descriptor and the cached descriptor are equivalent; 
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if the formulated descriptor and the cached descriptor are not equivalent, 
formulating a second descriptor corresponding to the original resource; 

comparing the formulated descriptor with the second descriptor; and 
determining that the replica resource does not pose a security risk if the 
formulated descriptor and the second descriptor are equivalent. 

Claim 58: A method as recited in claim 45, wherein: 

the request further designates the resource locator having [[a]] the resource path 
that has and on e or mor e a rgum e nts, th e r e sourc e path i d e nt i fy i ng a locat i on of th o 
r e p li ca r e sourc e and th e r e sourc e path hav i ng a resource identifier; 

the method further comprising determining that the request does not pose a 
security risk if: 

the resource path does not exceed a maximum number of characters; 
individual arguments do not exceed a maximum number of characters; 
a total number of characters defining all of the arguments do not exceed a 
maximum number of characters; and 
the resource identifier has a valid file extension. 
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Claim 61 : A method, comprising: 

registering a security component with an Internet server during run-time: 
receiving a request for a resource; 

implementing security policies to prevent unauthorized access to the resource; 

determining whether the request will pose a security risk by determining if a total 
number of characters defining all of the arguments of the request exceeds a maximum 
number of characters; and 

determining whether the resource will pose a security risk if allowing the request; 

formulating a descriptor corresponding to the resource; 

comparing the formulated descriptor with a cached descriptor corresponding to 
the resource and formulated when the resource is initially requested; 

determining that the resource does not pose a security risk if the formulated 
descriptor and the cached descriptor are equivalent; 

if the formulated descriptor and the cached descriptor are not equivalent, 
formulating a second descriptor corresponding to an original resource remotely located, 
the resource replicated from the original source; 

comparing the formulated descriptor with the second descriptor; and 

determining that the resource does not pose a security risk if the formulated 
descriptor and the second descriptor are equivalent. 
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Allowable Subject Matter 



1 . Claims 25 - 29, 32, 37 - 41 , 44 - 45, 48 - 52, 55, 57 - 65 and 68 - 70 are 
allowed. 

2. The following is an examiner's statement of reasons for allowance: 

The above mentioned claims are allowable over prior arts because the CPA 
(Cited Prior Art) of record fails to teach or render obvious the claimed limitations in 
combination with the specific added limitations, as recited in independent claim 25 and 
subsequent dependent claims. 

The prior arts Farber, alone or in combination with Malcolm, fail to teach or 
suggest a network server, comprising: an Internet server to receive a request for a 
resource maintained on the network server and, in response to the request, implement 
security policies to prevent unauthorized access to the resource; a security component 
that is registerable with the Internet server during run-time, the security component 
having: a validation component to determine whether the request will pose a security 
risk to the network server by determining if a total number of characters defining all of 
the arguments of the request exceeds a maximum number of characters; and an 
integrity verification component to: determine whether the resource will pose a security 
risk to the network server upon receipt of the request; formulate a descriptor 
corresponding to the resource; compare the formulated descriptor with a cached 
descriptor, the cached descriptor corresponding to the resource and formulated when 
the resource is initially requested; determine that the resource is not a security risk if the 
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formulated descriptor and the cached descriptor are equivalent; if the formulated 
descriptor and the cached descriptor are not equivalent, formulate a second descriptor 
corresponding to an original resource maintained on a file server remotely located from 
the network server, the resource being replicated from the original resource; compare 
the formulated descriptor with the second descriptor; and determine that the resource is 
not a security risk if the formulated descriptor and the second descriptor are equivalent. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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